Something funky with middleware headers when deployed to vercel
Unanswered
Keyhole wasp posted this in #help-forum
Keyhole waspOP
I am doing auth in middleware with a cookie. The client logs in to the app with a request to a server somewhere, then that server sets a cookie in the header response which the nextjs middleware gets, and uses that cookie jwt to fetch the user and returns the user as a header "x-user" so that the client immidiately has the user on first page load without the hideous flash that occurs when you do this on the client. Well, this works perfectly fine on localhost, but once I deploy to vercel, the headers get overwritten by whatever funk vercel is doing adding their own cookies like _vercel_jwt and _vercel-experiment-uuid. It causes my cookies to be deleted for whatever reason.
1 Reply
Keyhole waspOP
I made two changes and one of them worked
1. Added "app.set("trust proxy", 1);" to the express server
2. Added sameSite: "none" to the cookie setting since the website and the server have different subdomains.
3. Added domain: ".sharedDomain.com" to the cookies
1. Added "app.set("trust proxy", 1);" to the express server
2. Added sameSite: "none" to the cookie setting since the website and the server have different subdomains.
3. Added domain: ".sharedDomain.com" to the cookies